Hi All,We have an integration with Tenable for our SN's Vulnerability Response.Lately I've got such a requirement:Vulnerable items should be marked as exception each time when CI scanned in Tenable has superseded patches in it.Has anyone had any expe...
Hi,I want to remove "By Priority" widget in Overview section of Security Incident Response Workspace and want to add my own custom widget. Please refer the attached screenshot
I would like to automatically create remediation task anytime a Known Exploit Vulnerability (KEV( is added to the catalog. Sometimes, 1 CVE is added at a time and other times it might be several. Due to the way we ingest vulnerability data, we ingest...
Vulnerability information integrated from third parties (such as Tenable)To link this vulnerability to CI, it is necessary to search for configuration items.Is it correct to think that only lookup rules are used at this time?Are IRE or identification...
Presently, Github generated SBOM SPDX files cannot be ingested into ServiceNow SBOM capability without a conversion or, at minimum, a manual code hack in the json file (which is not ideal).Although we can always automate SBOM ingestion via actions, i...
I'm working on setting up a vulnerability exception approval flow in ServiceNow SecOps and need help designing the following process:First-level approval by users from Group A.After approval, a recommendation task is created for users from Group B.Gr...
When viewing the new Instance Security Center dashboard's Daily Compliance Score, I notice the score does not update. It says the last time it was updated was 5/31 and only looks like it contains 5/29-5/30 data. This is a new Madrid (from Jakarta) ...
Hi everyone,We’re currently implementing the CISO Dashboard and are running into an issue where it does not respond to any configuration changes.Even after adding custom Metrics or Supporting Dashboards, the main dashboard continues to display only t...
We're trying to setup SLAs for Security Incidents and not getting any helpful metrics per SIR. Posting the configurations. The relevant fields are empty and "Made SLA" is always true. How can we get these fields to show details? Are these numbers tra...
Hi, We have the below property enabled on VR Tenable.io integration:Since this is enabled, ServiceNow has generated vulnerable items in 'open' state for the plugins that have a 'fixed' state in Tenable. If we disable the above checkbox, will all the ...
Basically, I installed sn_vul_r7(rapid7 integration for security operations), Validated API key and region successfully.After that I run Site filter integration and got all the site's information successfully, I choose one specific site to get the da...
Hi all,I’m running into an issue where the API key value in ServiceNow is not updating correctly.Here's what's happening:I updated the API key in a system property or credential record.However, on the configuration page, it still shows the old key (e...
We have been running VR in prod for almost a year. Our SN VR is integrated with Rapid7. Came across a scenario that is baffling. The jobs seem to be successful but came across an asset. The Discovered Item record created successfully but there was no...
com.snc.snc_access_control
Hi All,for a client we are developing an integration to in ingest new QRadar offences to Security Incident Response (SIR) on ServiceNow.The integration works fine using the plugin "IBM QRadar Offense Ingestion for Security Operations" but we need to ...
